ADDED BRUTE FORCE PREVENTION

BIG2EYEZ 2024-01-17 22:51:21 +08:00
parent 1f63afd4a5
commit 8c4896bca3
2 changed files with 673 additions and 2153 deletions


@ -1,5 +1,6 @@
const express = require("express");
const session = require("express-session");
const rateLimit = require('express-rate-limit');
const mysql2 = require('mysql2');
const bodyParser = require("body-parser");
const bcrypt = require("bcrypt");
@ -128,6 +129,14 @@ const logActivity = async (username, success, message) => {
}
};
const limiter = rateLimit({
windowMs: 15 * 60 * 1000, // 15 minutes
max: 5, // limit each IP to 3 requests per windowMs
message: 'Too many login attempts from this IP, please try again later.',
});
app.use('/login', limiter);
app.post('/login', [
body('username').escape().trim().isLength({ min: 1 }).withMessage('Username must not be empty'),
body('password').escape().trim().isLength({ min: 1 }).withMessage('Password must not be empty'),
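Review bot: The limiter added ahead of `app.post('/login', ...)` keys only on client IP, so it slows a single source but does not bound guesses against one account spread over many addresses; a per-username failure counter would close that gap, and the `logActivity` records may already hold the data, though that function's body is outside this hunk. The inline comment disagrees with the value: `max: 5, // limit each IP to 3 requests per windowMs` should read `// limit each IP to 5 requests per windowMs`. `app.use('/login', limiter)` also charges every HTTP method and every successful login against the budget; consider attaching the limiter to the POST route only and setting `skipSuccessfulRequests: true` so that only failed attempts consume the window. If the app runs behind a reverse proxy (not visible here), `trust proxy` has to be configured correctly, otherwise all clients share the proxy's address and a single bucket. The `app.post` handler continues outside the hunk.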

2817
package-lock.json generated
